add 'proxyEndpoint' to tunnel response (#21)

Michael Quigley 2022-08-09 11:49:40 -04:00
parent 2c36a461eb
commit 57931eff09
No known key found for this signature in database
GPG Key ID: 9B60314A9DD20A62
6 changed files with 40 additions and 13 deletions


@ -27,7 +27,7 @@ func Run(cfg *Config) error {
api.IdentityLoginHandler = identity.LoginHandlerFunc(loginHandler)
api.MetadataOverviewHandler = metadata.OverviewHandlerFunc(overviewHandler)
api.MetadataVersionHandler = metadata.VersionHandlerFunc(versionHandler)
api.TunnelTunnelHandler = tunnel.TunnelHandlerFunc(tunnelHandler)
api.TunnelTunnelHandler = newTunnelHandler(cfg)
api.TunnelUntunnelHandler = tunnel.UntunnelHandlerFunc(untunnelHandler)
if v, err := store.Open(cfg.Store); err == nil {


@ -14,10 +14,19 @@ import (
"github.com/openziti/edge/rest_management_api_client/service_policy"
"github.com/openziti/edge/rest_model"
"github.com/sirupsen/logrus"
"strings"
"time"
)
func tunnelHandler(params tunnel.TunnelParams, principal *rest_model_zrok.Principal) middleware.Responder {
type tunnelHandler struct {
cfg *Config
}
func newTunnelHandler(cfg *Config) *tunnelHandler {
return &tunnelHandler{cfg: cfg}
}
func (self *tunnelHandler) Handle(params tunnel.TunnelParams, principal *rest_model_zrok.Principal) middleware.Responder {
logrus.Infof("tunneling for '%v' (%v)", principal.Username, principal.Token)
tx, err := str.Begin()
@ -56,24 +65,24 @@ func tunnelHandler(params tunnel.TunnelParams, principal *rest_model_zrok.Princi
logrus.Error(err)
return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
}
svcId, err := createService(svcName, edge)
svcId, err := self.createService(svcName, edge)
if err != nil {
logrus.Error(err)
return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
}
if err := createServicePolicyBind(svcName, svcId, envId, edge); err != nil {
if err := self.createServicePolicyBind(svcName, svcId, envId, edge); err != nil {
logrus.Error(err)
return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
}
if err := createServicePolicyDial(svcName, svcId, edge); err != nil {
if err := self.createServicePolicyDial(svcName, svcId, edge); err != nil {
logrus.Error(err)
return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
}
if err := createServiceEdgeRouterPolicy(svcName, svcId, edge); err != nil {
if err := self.createServiceEdgeRouterPolicy(svcName, svcId, edge); err != nil {
logrus.Error(err)
return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
}
if err := createEdgeRouterPolicy(svcName, envId, edge); err != nil {
if err := self.createEdgeRouterPolicy(svcName, envId, edge); err != nil {
logrus.Error(err)
return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
}
@ -96,11 +105,12 @@ func tunnelHandler(params tunnel.TunnelParams, principal *rest_model_zrok.Princi
logrus.Infof("recorded service '%v' with id '%v' for '%v'", svcId, sid, principal.Username)
return tunnel.NewTunnelCreated().WithPayload(&rest_model_zrok.TunnelResponse{
ProxyEndpoint: self.proxyUrl(svcName),
Service: svcName,
})
}
func createService(name string, edge *rest_management_api_client.ZitiEdgeManagement) (serviceId string, err error) {
func (self *tunnelHandler) createService(name string, edge *rest_management_api_client.ZitiEdgeManagement) (serviceId string, err error) {
configs := make([]string, 0)
encryptionRequired := true
svc := &rest_model.ServiceCreate{
@ -121,7 +131,7 @@ func createService(name string, edge *rest_management_api_client.ZitiEdgeManagem
return resp.Payload.Data.ID, nil
}
func createServicePolicyBind(svcName, svcId, envId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
func (self *tunnelHandler) createServicePolicyBind(svcName, svcId, envId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
semantic := rest_model.SemanticAllOf
identityRoles := []string{fmt.Sprintf("@%v", envId)}
name := fmt.Sprintf("%v-bind", svcName)
@ -149,7 +159,7 @@ func createServicePolicyBind(svcName, svcId, envId string, edge *rest_management
return nil
}
func createServicePolicyDial(svcName, svcId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
func (self *tunnelHandler) createServicePolicyDial(svcName, svcId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
identityRoles := []string{"@PyB606.S."} // @proxy
name := fmt.Sprintf("%v-dial", svcName)
postureCheckRoles := []string{}
@ -177,7 +187,7 @@ func createServicePolicyDial(svcName, svcId string, edge *rest_management_api_cl
return nil
}
func createServiceEdgeRouterPolicy(svcName, svcId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
func (self *tunnelHandler) createServiceEdgeRouterPolicy(svcName, svcId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
edgeRouterRoles := []string{"#all"}
semantic := rest_model.SemanticAllOf
serviceRoles := []string{fmt.Sprintf("@%v", svcId)}
@ -200,7 +210,7 @@ func createServiceEdgeRouterPolicy(svcName, svcId string, edge *rest_management_
return nil
}
func createEdgeRouterPolicy(svcName, envId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
func (self *tunnelHandler) createEdgeRouterPolicy(svcName, envId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
edgeRouterRoles := []string{"#all"}
identityRoles := []string{fmt.Sprintf("@%v", envId)}
semantic := rest_model.SemanticAllOf
@ -222,3 +232,7 @@ func createEdgeRouterPolicy(svcName, envId string, edge *rest_management_api_cli
logrus.Infof("created edge router policy '%v'", resp.Payload.Data.ID)
return nil
}
func (self *tunnelHandler) proxyUrl(svcName string) string {
return strings.Replace(self.cfg.Proxy.UrlTemplate, "{svcName}", svcName, -1)
}
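Review bot: The `logrus.Infof("tunneling for '%v' (%v)", ...)` call at the top of the new `Handle` method still writes `principal.Token` into the info log, and if that token is the account's API credential (its definition is not visible here) anyone with read access to the logs could reuse it. I would drop it from the message, `logrus.Infof("tunneling for '%v'", principal.Username)`, or log only a short non-reversible fingerprint of it. Separately, the new `proxyUrl` reads `self.cfg.Proxy.UrlTemplate` with no check; the `Config` type is outside this page, but if `Proxy` can be nil or the template can be empty, the handler would panic or return an unusable `proxyEndpoint` after the service and its policies have already been created, so validating it once in `newTunnelHandler` or at config load seems safer. The body of `Handle` continues outside the visible hunks.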


@ -17,6 +17,9 @@ import (
// swagger:model tunnelResponse
type TunnelResponse struct {
// proxy endpoint
ProxyEndpoint string `json:"proxyEndpoint,omitempty"`
// service
Service string `json:"service,omitempty"`
}


@ -429,6 +429,9 @@ func init() {
"tunnelResponse": {
"type": "object",
"properties": {
"proxyEndpoint": {
"type": "string"
},
"service": {
"type": "string"
}
@ -869,6 +872,9 @@ func init() {
"tunnelResponse": {
"type": "object",
"properties": {
"proxyEndpoint": {
"type": "string"
},
"service": {
"type": "string"
}


@ -145,6 +145,7 @@ paths:
description: internal server error
schema:
$ref: "#/definitions/errorMessage"
/version:
get:
tags:
@ -270,6 +271,8 @@ definitions:
tunnelResponse:
type: object
properties:
proxyEndpoint:
type: string
service:
type: string


@ -93,6 +93,7 @@
* @typedef tunnelResponse
* @memberof module:types
*
* @property {string} proxyEndpoint
* @property {string} service
*/